/mandos/release : revision 237.2.69

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to plugins.d/mandos-client.c

Committer: Teddy Hogeborn
Date: 2009-02-09 02:17:59 UTC
mfrom: (24.1.133 mandos)
mto: (24.1.136 mandos) (237.4.2 mandos-pipe-ipc) (299.1.1 release) (300.1.1 release) (301.1.1 release)
mto: This revision was merged to the branch mainline in revision 250.
Revision ID: teddy@fukt.bsnet.se-20090209021759-15raw68l6q0yegtc

Merge from Björn:

* mandos-ctl: Changed domain to "se.bsnet.fukt".

* plugin-runner.c (main): Bug fix: remove pseudo-plugin for global
                          plugin arguments after it is no longer
                          needed.

* plugins.d/mandos-client.c (adjustbuffer): Renamed to "incbuffer",
                                            all callers changed.

files added:
.bzr-builddeb

.bzr-builddeb/default.conf

.bzrignore

COPYING

INSTALL

NEWS

README

common.ent

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.links

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/po

debian/rules

debian/watch

default-mandos

init.d-mandos

initramfs-tools-hook

initramfs-tools-hook-conf

initramfs-tools-script

legalnotice.xml

mandos-clients.conf.xml

mandos-ctl

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.xml

overview.xml

plugin-runner.c

plugin-runner.conf

plugin-runner.xml

plugins.d

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

files removed:
ca.pem

cert.pem

client-cert.pem

client-key.pem

client.cpp

crl.pem

key.pem

files renamed:
mandos-clients.conf => clients.conf

server.py => mandos

files modified:
Makefile

TODO

Show diffs side-by-side

added added

removed removed

plugins.d/mandos-client.c

/* -*- coding: utf-8 -*- */

* Mandos-client - get and decrypt data from a Mandos server

* This program is partly derived from an example program for an Avahi

* service browser, downloaded from

* <http://avahi.org/browser/examples/core-browse-services.c>. This

* includes the following functions: "resolve_callback",

* "browse_callback", and parts of "main".

* Everything else is

* This program is free software: you can redistribute it and/or

* modify it under the terms of the GNU General Public License as

* published by the Free Software Foundation, either version 3 of the

* License, or (at your option) any later version.

* This program is distributed in the hope that it will be useful, but

* WITHOUT ANY WARRANTY; without even the implied warranty of

* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

* General Public License for more details.

* You should have received a copy of the GNU General Public License

* along with this program. If not, see

* <http://www.gnu.org/licenses/>.

* Contact the authors at <mandos@fukt.bsnet.se>.

/* Needed by GPGME, specifically gpgme_data_seek() */

#define _LARGEFILE_SOURCE

#define _FILE_OFFSET_BITS 64

#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), asprintf() */

#include <stdio.h> /* fprintf(), stderr, fwrite(),

stdout, ferror(), sscanf(),

remove() */

#include <stdint.h> /* uint16_t, uint32_t */

#include <stddef.h> /* NULL, size_t, ssize_t */

#include <stdlib.h> /* free(), EXIT_SUCCESS, EXIT_FAILURE,

srand() */

#include <stdbool.h> /* bool, false, true */

#include <string.h> /* memset(), strcmp(), strlen(),

strerror(), asprintf(), strcpy() */

#include <sys/ioctl.h> /* ioctl */

#include <sys/types.h> /* socket(), inet_pton(), sockaddr,

sockaddr_in6, PF_INET6,

SOCK_STREAM, uid_t, gid_t, open(),

opendir(), DIR */

#include <sys/stat.h> /* open() */

#include <sys/socket.h> /* socket(), struct sockaddr_in6,

inet_pton(), connect() */

#include <fcntl.h> /* open() */

#include <dirent.h> /* opendir(), struct dirent, readdir()

#include <inttypes.h> /* PRIu16, intmax_t, SCNdMAX */

#include <assert.h> /* assert() */

#include <errno.h> /* perror(), errno */

#include <time.h> /* nanosleep(), time() */

#include <net/if.h> /* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP,

SIOCSIFFLAGS, if_indextoname(),

if_nametoindex(), IF_NAMESIZE */

#include <netinet/in.h> /* IN6_IS_ADDR_LINKLOCAL,

INET_ADDRSTRLEN, INET6_ADDRSTRLEN

#include <unistd.h> /* close(), SEEK_SET, off_t, write(),

getuid(), getgid(), setuid(),

setgid() */

#include <arpa/inet.h> /* inet_pton(), htons */

#include <iso646.h> /* not, or, and */

#include <argp.h> /* struct argp_option, error_t, struct

argp_state, struct argp,

argp_parse(), ARGP_KEY_ARG,

ARGP_KEY_END, ARGP_ERR_UNKNOWN */

#ifdef __linux__

#include <sys/klog.h> /* klogctl() */

#endif

/* Avahi */

/* All Avahi types, constants and functions

Avahi*, avahi_*,

AVAHI_* */

#include <avahi-core/core.h>

#include <avahi-core/lookup.h>

#include <avahi-core/log.h>

#include <avahi-common/simple-watch.h>

#include <avahi-common/malloc.h>

#include <avahi-common/error.h>

/* GnuTLS */

#include <gnutls/gnutls.h> /* All GnuTLS types, constants and

functions:

gnutls_*

init_gnutls_session(),

GNUTLS_* */

#include <gnutls/openpgp.h>

100

/* gnutls_certificate_set_openpgp_key_file(),

101

GNUTLS_OPENPGP_FMT_BASE64 */

102

103

/* GPGME */

104

#include <gpgme.h> /* All GPGME types, constants and

105

functions:

106

gpgme_*

107

GPGME_PROTOCOL_OpenPGP,

108

GPG_ERR_NO_* */

109

110

#define BUFFER_SIZE 256

111

112

#define PATHDIR "/conf/conf.d/mandos"

113

#define SECKEY "seckey.txt"

114

#define PUBKEY "pubkey.txt"

115

116

bool debug = false;

117

static const char mandos_protocol_version[] = "1";

118

const char *argp_program_version = "mandos-client " VERSION;

119

const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";

120

121

/* Used for passing in values through the Avahi callback functions */

122

typedef struct {

123

AvahiSimplePoll *simple_poll;

124

AvahiServer *server;

125

gnutls_certificate_credentials_t cred;

126

unsigned int dh_bits;

127

gnutls_dh_params_t dh_params;

128

const char *priority;

129

gpgme_ctx_t ctx;

130

} mandos_context;

131

132

133

* Make additional room in "buffer" for at least BUFFER_SIZE

134

* additional bytes. "buffer_capacity" is how much is currently

135

* allocated, "buffer_length" is how much is already used.

136

137

size_t incbuffer(char **buffer, size_t buffer_length,

138

size_t buffer_capacity){

139

if(buffer_length + BUFFER_SIZE > buffer_capacity){

140

*buffer = realloc(*buffer, buffer_capacity + BUFFER_SIZE);

141

if(buffer == NULL){

142

return 0;

143

}

144

buffer_capacity += BUFFER_SIZE;

145

}

146

return buffer_capacity;

147

}

148

149

150

* Initialize GPGME.

151

152

static bool init_gpgme(mandos_context *mc, const char *seckey,

153

const char *pubkey, const char *tempdir){

154

int ret;

155

gpgme_error_t rc;

156

gpgme_engine_info_t engine_info;

157

158

159

160

* Helper function to insert pub and seckey to the engine keyring.

161

162

bool import_key(const char *filename){

163

int fd;

164

gpgme_data_t pgp_data;

165

166

fd = (int)TEMP_FAILURE_RETRY(open(filename, O_RDONLY));

167

if(fd == -1){

168

perror("open");

169

return false;

170

}

171

172

rc = gpgme_data_new_from_fd(&pgp_data, fd);

173

if(rc != GPG_ERR_NO_ERROR){

174

fprintf(stderr, "bad gpgme_data_new_from_fd: %s: %s\n",

175

gpgme_strsource(rc), gpgme_strerror(rc));

176

return false;

177

}

178

179

rc = gpgme_op_import(mc->ctx, pgp_data);

180

if(rc != GPG_ERR_NO_ERROR){

181

fprintf(stderr, "bad gpgme_op_import: %s: %s\n",

182

gpgme_strsource(rc), gpgme_strerror(rc));

183

return false;

184

}

185

186

ret = (int)TEMP_FAILURE_RETRY(close(fd));

187

if(ret == -1){

188

perror("close");

189

}

190

gpgme_data_release(pgp_data);

191

return true;

192

}

193

194

if(debug){

195

fprintf(stderr, "Initialize gpgme\n");

196

}

197

198

/* Init GPGME */

199

gpgme_check_version(NULL);

200

rc = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);

201

if(rc != GPG_ERR_NO_ERROR){

202

fprintf(stderr, "bad gpgme_engine_check_version: %s: %s\n",

203

gpgme_strsource(rc), gpgme_strerror(rc));

204

return false;

205

}

206

207

/* Set GPGME home directory for the OpenPGP engine only */

208

rc = gpgme_get_engine_info(&engine_info);

209

if(rc != GPG_ERR_NO_ERROR){

210

fprintf(stderr, "bad gpgme_get_engine_info: %s: %s\n",

211

gpgme_strsource(rc), gpgme_strerror(rc));

212

return false;

213

}

214

while(engine_info != NULL){

215

if(engine_info->protocol == GPGME_PROTOCOL_OpenPGP){

216

gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP,

217

engine_info->file_name, tempdir);

218

break;

219

}

220

engine_info = engine_info->next;

221

}

222

if(engine_info == NULL){

223

fprintf(stderr, "Could not set GPGME home dir to %s\n", tempdir);

224

return false;

225

}

226

227

/* Create new GPGME "context" */

228

rc = gpgme_new(&(mc->ctx));

229

if(rc != GPG_ERR_NO_ERROR){

230

fprintf(stderr, "bad gpgme_new: %s: %s\n",

231

gpgme_strsource(rc), gpgme_strerror(rc));

232

return false;

233

}

234

235

if(not import_key(pubkey) or not import_key(seckey)){

236

return false;

237

}

238

239

return true;

240

}

241

242

243

* Decrypt OpenPGP data.

244

* Returns -1 on error

245

246

static ssize_t pgp_packet_decrypt(const mandos_context *mc,

247

const char *cryptotext,

248

size_t crypto_size,

249

char **plaintext){

250

gpgme_data_t dh_crypto, dh_plain;

251

gpgme_error_t rc;

252

ssize_t ret;

253

size_t plaintext_capacity = 0;

254

ssize_t plaintext_length = 0;

255

256

if(debug){

257

fprintf(stderr, "Trying to decrypt OpenPGP data\n");

258

}

259

260

/* Create new GPGME data buffer from memory cryptotext */

261

rc = gpgme_data_new_from_mem(&dh_crypto, cryptotext, crypto_size,

262

0);

263

if(rc != GPG_ERR_NO_ERROR){

264

fprintf(stderr, "bad gpgme_data_new_from_mem: %s: %s\n",

265

gpgme_strsource(rc), gpgme_strerror(rc));

266

return -1;

267

}

268

269

/* Create new empty GPGME data buffer for the plaintext */

270

rc = gpgme_data_new(&dh_plain);

271

if(rc != GPG_ERR_NO_ERROR){

272

fprintf(stderr, "bad gpgme_data_new: %s: %s\n",

273

gpgme_strsource(rc), gpgme_strerror(rc));

274

gpgme_data_release(dh_crypto);

275

return -1;

276

}

277

278

/* Decrypt data from the cryptotext data buffer to the plaintext

279

data buffer */

280

rc = gpgme_op_decrypt(mc->ctx, dh_crypto, dh_plain);

281

if(rc != GPG_ERR_NO_ERROR){

282

fprintf(stderr, "bad gpgme_op_decrypt: %s: %s\n",

283

gpgme_strsource(rc), gpgme_strerror(rc));

284

plaintext_length = -1;

285

if(debug){

286

gpgme_decrypt_result_t result;

287

result = gpgme_op_decrypt_result(mc->ctx);

288

if(result == NULL){

289

fprintf(stderr, "gpgme_op_decrypt_result failed\n");

290

} else {

291

fprintf(stderr, "Unsupported algorithm: %s\n",

292

result->unsupported_algorithm);

293

fprintf(stderr, "Wrong key usage: %u\n",

294

result->wrong_key_usage);

295

if(result->file_name != NULL){

296

fprintf(stderr, "File name: %s\n", result->file_name);

297

}

298

gpgme_recipient_t recipient;

299

recipient = result->recipients;

300

if(recipient){

301

while(recipient != NULL){

302

fprintf(stderr, "Public key algorithm: %s\n",

303

gpgme_pubkey_algo_name(recipient->pubkey_algo));

304

fprintf(stderr, "Key ID: %s\n", recipient->keyid);

305

fprintf(stderr, "Secret key available: %s\n",

306

recipient->status == GPG_ERR_NO_SECKEY

307

? "No" : "Yes");

308

recipient = recipient->next;

309

}

310

}

311

}

312

}

313

goto decrypt_end;

314

}

315

316

if(debug){

317

fprintf(stderr, "Decryption of OpenPGP data succeeded\n");

318

}

319

320

/* Seek back to the beginning of the GPGME plaintext data buffer */

321

if(gpgme_data_seek(dh_plain, (off_t)0, SEEK_SET) == -1){

322

perror("gpgme_data_seek");

323

plaintext_length = -1;

324

goto decrypt_end;

325

}

326

327

*plaintext = NULL;

328

while(true){

329

plaintext_capacity = incbuffer(plaintext,

330

(size_t)plaintext_length,

331

plaintext_capacity);

332

if(plaintext_capacity == 0){

333

perror("incbuffer");

334

plaintext_length = -1;

335

goto decrypt_end;

336

}

337

338

ret = gpgme_data_read(dh_plain, *plaintext + plaintext_length,

339

BUFFER_SIZE);

340

/* Print the data, if any */

341

if(ret == 0){

342

/* EOF */

343

break;

344

}

345

if(ret < 0){

346

perror("gpgme_data_read");

347

plaintext_length = -1;

348

goto decrypt_end;

349

}

350

plaintext_length += ret;

351

}

352

353

if(debug){

354

fprintf(stderr, "Decrypted password is: ");

355

for(ssize_t i = 0; i < plaintext_length; i++){

356

fprintf(stderr, "%02hhX ", (*plaintext)[i]);

357

}

358

fprintf(stderr, "\n");

359

}

360

361

decrypt_end:

362

363

/* Delete the GPGME cryptotext data buffer */

364

gpgme_data_release(dh_crypto);

365

366

/* Delete the GPGME plaintext data buffer */

367

gpgme_data_release(dh_plain);

368

return plaintext_length;

369

}

370

371

static const char * safer_gnutls_strerror(int value){

372

const char *ret = gnutls_strerror(value); /* Spurious warning from

373

-Wunreachable-code */

374

if(ret == NULL)

375

ret = "(unknown)";

376

return ret;

377

}

378

379

/* GnuTLS log function callback */

380

static void debuggnutls(__attribute__((unused)) int level,

381

const char* string){

382

fprintf(stderr, "GnuTLS: %s", string);

383

}

384

385

static int init_gnutls_global(mandos_context *mc,

386

const char *pubkeyfilename,

387

const char *seckeyfilename){

388

int ret;

389

390

if(debug){

391

fprintf(stderr, "Initializing GnuTLS\n");

392

}

393

394

ret = gnutls_global_init();

395

if(ret != GNUTLS_E_SUCCESS){

396

fprintf(stderr, "GnuTLS global_init: %s\n",

397

safer_gnutls_strerror(ret));

398

return -1;

399

}

400

401

if(debug){

402

/* "Use a log level over 10 to enable all debugging options."

403

* - GnuTLS manual

404

405

gnutls_global_set_log_level(11);

406

gnutls_global_set_log_function(debuggnutls);

407

}

408

409

/* OpenPGP credentials */

410

gnutls_certificate_allocate_credentials(&mc->cred);

411

if(ret != GNUTLS_E_SUCCESS){

412

fprintf(stderr, "GnuTLS memory error: %s\n", /* Spurious warning

413

from

414

-Wunreachable-code

415

416

safer_gnutls_strerror(ret));

417

gnutls_global_deinit();

418

return -1;

419

}

420

421

if(debug){

422

fprintf(stderr, "Attempting to use OpenPGP public key %s and"

423

" secret key %s as GnuTLS credentials\n", pubkeyfilename,

424

seckeyfilename);

425

}

426

427

ret = gnutls_certificate_set_openpgp_key_file

428

(mc->cred, pubkeyfilename, seckeyfilename,

429

GNUTLS_OPENPGP_FMT_BASE64);

430

if(ret != GNUTLS_E_SUCCESS){

431

fprintf(stderr,

432

"Error[%d] while reading the OpenPGP key pair ('%s',"

433

" '%s')\n", ret, pubkeyfilename, seckeyfilename);

434

fprintf(stderr, "The GnuTLS error is: %s\n",

435

safer_gnutls_strerror(ret));

436

goto globalfail;

437

}

438

439

/* GnuTLS server initialization */

440

ret = gnutls_dh_params_init(&mc->dh_params);

441

if(ret != GNUTLS_E_SUCCESS){

442

fprintf(stderr, "Error in GnuTLS DH parameter initialization:"

443

" %s\n", safer_gnutls_strerror(ret));

444

goto globalfail;

445

}

446

ret = gnutls_dh_params_generate2(mc->dh_params, mc->dh_bits);

447

if(ret != GNUTLS_E_SUCCESS){

448

fprintf(stderr, "Error in GnuTLS prime generation: %s\n",

449

safer_gnutls_strerror(ret));

450

goto globalfail;

451

}

452

453

gnutls_certificate_set_dh_params(mc->cred, mc->dh_params);

454

455

return 0;

456

457

globalfail:

458

459

gnutls_certificate_free_credentials(mc->cred);

460

gnutls_global_deinit();

461

gnutls_dh_params_deinit(mc->dh_params);

462

return -1;

463

}

464

465

static int init_gnutls_session(mandos_context *mc,

466

gnutls_session_t *session){

467

int ret;

468

/* GnuTLS session creation */

469

ret = gnutls_init(session, GNUTLS_SERVER);

470

if(ret != GNUTLS_E_SUCCESS){

471

fprintf(stderr, "Error in GnuTLS session initialization: %s\n",

472

safer_gnutls_strerror(ret));

473

}

474

475

{

476

const char *err;

477

ret = gnutls_priority_set_direct(*session, mc->priority, &err);

478

if(ret != GNUTLS_E_SUCCESS){

479

fprintf(stderr, "Syntax error at: %s\n", err);

480

fprintf(stderr, "GnuTLS error: %s\n",

481

safer_gnutls_strerror(ret));

482

gnutls_deinit(*session);

483

return -1;

484

}

485

}

486

487

ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,

488

mc->cred);

489

if(ret != GNUTLS_E_SUCCESS){

490

fprintf(stderr, "Error setting GnuTLS credentials: %s\n",

491

safer_gnutls_strerror(ret));

492

gnutls_deinit(*session);

493

return -1;

494

}

495

496

/* ignore client certificate if any. */

497

gnutls_certificate_server_set_request(*session,

498

GNUTLS_CERT_IGNORE);

499

500

gnutls_dh_set_prime_bits(*session, mc->dh_bits);

501

502

return 0;

503

}

504

505

/* Avahi log function callback */

506

static void empty_log(__attribute__((unused)) AvahiLogLevel level,

507

__attribute__((unused)) const char *txt){}

508

509

/* Called when a Mandos server is found */

510

static int start_mandos_communication(const char *ip, uint16_t port,

511

AvahiIfIndex if_index,

512

mandos_context *mc, int af){

513

int ret, tcp_sd;

514

ssize_t sret;

515

union {

516

struct sockaddr_in in;

517

struct sockaddr_in6 in6;

518

} to;

519

char *buffer = NULL;

520

char *decrypted_buffer;

521

size_t buffer_length = 0;

522

size_t buffer_capacity = 0;

523

ssize_t decrypted_buffer_size;

524

size_t written;

525

int retval = 0;

526

gnutls_session_t session;

527

int pf; /* Protocol family */

528

529

switch(af){

530

case AF_INET6:

531

pf = PF_INET6;

532

break;

533

case AF_INET:

534

pf = PF_INET;

535

break;

536

default:

537

fprintf(stderr, "Bad address family: %d\n", af);

538

return -1;

539

}

540

541

ret = init_gnutls_session(mc, &session);

542

if(ret != 0){

543

return -1;

544

}

545

546

if(debug){

547

fprintf(stderr, "Setting up a TCP connection to %s, port %" PRIu16

548

"\n", ip, port);

549

}

550

551

tcp_sd = socket(pf, SOCK_STREAM, 0);

552

if(tcp_sd < 0){

553

perror("socket");

554

return -1;

555

}

556

557

memset(&to, 0, sizeof(to));

558

if(af == AF_INET6){

559

to.in6.sin6_family = (uint16_t)af;

560

ret = inet_pton(af, ip, &to.in6.sin6_addr);

561

} else { /* IPv4 */

562

to.in.sin_family = (sa_family_t)af;

563

ret = inet_pton(af, ip, &to.in.sin_addr);

564

}

565

if(ret < 0 ){

566

perror("inet_pton");

567

return -1;

568

}

569

if(ret == 0){

570

fprintf(stderr, "Bad address: %s\n", ip);

571

return -1;

572

}

573

if(af == AF_INET6){

574

to.in6.sin6_port = htons(port); /* Spurious warnings from

575

-Wconversion and

576

-Wunreachable-code */

577

578

if(IN6_IS_ADDR_LINKLOCAL /* Spurious warnings from */

579

(&to.in6.sin6_addr)){ /* -Wstrict-aliasing=2 or lower and

580

-Wunreachable-code*/

581

if(if_index == AVAHI_IF_UNSPEC){

582

fprintf(stderr, "An IPv6 link-local address is incomplete"

583

" without a network interface\n");

584

return -1;

585

}

586

/* Set the network interface number as scope */

587

to.in6.sin6_scope_id = (uint32_t)if_index;

588

}

589

} else {

590

to.in.sin_port = htons(port); /* Spurious warnings from

591

-Wconversion and

592

-Wunreachable-code */

593

}

594

595

if(debug){

596

if(af == AF_INET6 and if_index != AVAHI_IF_UNSPEC){

597

char interface[IF_NAMESIZE];

598

if(if_indextoname((unsigned int)if_index, interface) == NULL){

599

perror("if_indextoname");

600

} else {

601

fprintf(stderr, "Connection to: %s%%%s, port %" PRIu16 "\n",

602

ip, interface, port);

603

}

604

} else {

605

fprintf(stderr, "Connection to: %s, port %" PRIu16 "\n", ip,

606

port);

607

}

608

char addrstr[(INET_ADDRSTRLEN > INET6_ADDRSTRLEN) ?

609

INET_ADDRSTRLEN : INET6_ADDRSTRLEN] = "";

610

const char *pcret;

611

if(af == AF_INET6){

612

pcret = inet_ntop(af, &(to.in6.sin6_addr), addrstr,

613

sizeof(addrstr));

614

} else {

615

pcret = inet_ntop(af, &(to.in.sin_addr), addrstr,

616

sizeof(addrstr));

617

}

618

if(pcret == NULL){

619

perror("inet_ntop");

620

} else {

621

if(strcmp(addrstr, ip) != 0){

622

fprintf(stderr, "Canonical address form: %s\n", addrstr);

623

}

624

}

625

}

626

627

if(af == AF_INET6){

628

ret = connect(tcp_sd, &to.in6, sizeof(to));

629

} else {

630

ret = connect(tcp_sd, &to.in, sizeof(to)); /* IPv4 */

631

}

632

if(ret < 0){

633

perror("connect");

634

return -1;

635

}

636

637

const char *out = mandos_protocol_version;

638

written = 0;

639

while(true){

640

size_t out_size = strlen(out);

641

ret = (int)TEMP_FAILURE_RETRY(write(tcp_sd, out + written,

642

out_size - written));

643

if(ret == -1){

644

perror("write");

645

retval = -1;

646

goto mandos_end;

647

}

648

written += (size_t)ret;

649

if(written < out_size){

650

continue;

651

} else {

652

if(out == mandos_protocol_version){

653

written = 0;

654

out = "\r\n";

655

} else {

656

break;

657

}

658

}

659

}

660

661

if(debug){

662

fprintf(stderr, "Establishing TLS session with %s\n", ip);

663

}

664

665

gnutls_transport_set_ptr(session, (gnutls_transport_ptr_t) tcp_sd);

666

667

do{

668

ret = gnutls_handshake(session);

669

} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);

670

671

if(ret != GNUTLS_E_SUCCESS){

672

if(debug){

673

fprintf(stderr, "*** GnuTLS Handshake failed ***\n");

674

gnutls_perror(ret);

675

}

676

retval = -1;

677

goto mandos_end;

678

}

679

680

/* Read OpenPGP packet that contains the wanted password */

681

682

if(debug){

683

fprintf(stderr, "Retrieving OpenPGP encrypted password from %s\n",

684

ip);

685

}

686

687

while(true){

688

buffer_capacity = incbuffer(&buffer, buffer_length,

689

buffer_capacity);

690

if(buffer_capacity == 0){

691

perror("incbuffer");

692

retval = -1;

693

goto mandos_end;

694

}

695

696

sret = gnutls_record_recv(session, buffer+buffer_length,

697

BUFFER_SIZE);

698

if(sret == 0){

699

break;

700

}

701

if(sret < 0){

702

switch(sret){

703

case GNUTLS_E_INTERRUPTED:

704

case GNUTLS_E_AGAIN:

705

break;

706

case GNUTLS_E_REHANDSHAKE:

707

do{

708

ret = gnutls_handshake(session);

709

} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);

710

if(ret < 0){

711

fprintf(stderr, "*** GnuTLS Re-handshake failed ***\n");

712

gnutls_perror(ret);

713

retval = -1;

714

goto mandos_end;

715

}

716

break;

717

default:

718

fprintf(stderr, "Unknown error while reading data from"

719

" encrypted session with Mandos server\n");

720

retval = -1;

721

gnutls_bye(session, GNUTLS_SHUT_RDWR);

722

goto mandos_end;

723

}

724

} else {

725

buffer_length += (size_t) sret;

726

}

727

}

728

729

if(debug){

730

fprintf(stderr, "Closing TLS session\n");

731

}

732

733

gnutls_bye(session, GNUTLS_SHUT_RDWR);

734

735

if(buffer_length > 0){

736

decrypted_buffer_size = pgp_packet_decrypt(mc, buffer,

737

buffer_length,

738

&decrypted_buffer);

739

if(decrypted_buffer_size >= 0){

740

written = 0;

741

while(written < (size_t) decrypted_buffer_size){

742

ret = (int)fwrite(decrypted_buffer + written, 1,

743

(size_t)decrypted_buffer_size - written,

744

stdout);

745

if(ret == 0 and ferror(stdout)){

746

if(debug){

747

fprintf(stderr, "Error writing encrypted data: %s\n",

748

strerror(errno));

749

}

750

retval = -1;

751

break;

752

}

753

written += (size_t)ret;

754

}

755

free(decrypted_buffer);

756

} else {

757

retval = -1;

758

}

759

} else {

760

retval = -1;

761

}

762

763

/* Shutdown procedure */

764

765

mandos_end:

766

free(buffer);

767

ret = (int)TEMP_FAILURE_RETRY(close(tcp_sd));

768

if(ret == -1){

769

perror("close");

770

}

771

gnutls_deinit(session);

772

return retval;

773

}

774

775

static void resolve_callback(AvahiSServiceResolver *r,

776

AvahiIfIndex interface,

777

AvahiProtocol proto,

778

AvahiResolverEvent event,

779

const char *name,

780

const char *type,

781

const char *domain,

782

const char *host_name,

783

const AvahiAddress *address,

784

uint16_t port,

785

AVAHI_GCC_UNUSED AvahiStringList *txt,

786

AVAHI_GCC_UNUSED AvahiLookupResultFlags

787

flags,

788

void* userdata){

789

mandos_context *mc = userdata;

790

assert(r);

791

792

/* Called whenever a service has been resolved successfully or

793

timed out */

794

795

switch(event){

796

default:

797

case AVAHI_RESOLVER_FAILURE:

798

fprintf(stderr, "(Avahi Resolver) Failed to resolve service '%s'"

799

" of type '%s' in domain '%s': %s\n", name, type, domain,

800

avahi_strerror(avahi_server_errno(mc->server)));

801

break;

802

803

case AVAHI_RESOLVER_FOUND:

804

{

805

char ip[AVAHI_ADDRESS_STR_MAX];

806

avahi_address_snprint(ip, sizeof(ip), address);

807

if(debug){

808

fprintf(stderr, "Mandos server \"%s\" found on %s (%s, %"

809

PRIdMAX ") on port %" PRIu16 "\n", name, host_name,

810

ip, (intmax_t)interface, port);

811

}

812

int ret = start_mandos_communication(ip, port, interface, mc,

813

avahi_proto_to_af(proto));

814

if(ret == 0){

815

avahi_simple_poll_quit(mc->simple_poll);

816

}

817

}

818

}

819

avahi_s_service_resolver_free(r);

820

}

821

822

static void browse_callback(AvahiSServiceBrowser *b,

823

AvahiIfIndex interface,

824

AvahiProtocol protocol,

825

AvahiBrowserEvent event,

826

const char *name,

827

const char *type,

828

const char *domain,

829

AVAHI_GCC_UNUSED AvahiLookupResultFlags

830

flags,

831

void* userdata){

832

mandos_context *mc = userdata;

833

assert(b);

834

835

/* Called whenever a new services becomes available on the LAN or

836

is removed from the LAN */

837

838

switch(event){

839

default:

840

case AVAHI_BROWSER_FAILURE:

841

842

fprintf(stderr, "(Avahi browser) %s\n",

843

avahi_strerror(avahi_server_errno(mc->server)));

844

avahi_simple_poll_quit(mc->simple_poll);

845

return;

846

847

case AVAHI_BROWSER_NEW:

848

/* We ignore the returned Avahi resolver object. In the callback

849

function we free it. If the Avahi server is terminated before

850

the callback function is called the Avahi server will free the

851

resolver for us. */

852

853

if(!(avahi_s_service_resolver_new(mc->server, interface,

854

protocol, name, type, domain,

855

AVAHI_PROTO_INET6, 0,

856

resolve_callback, mc)))

857

fprintf(stderr, "Avahi: Failed to resolve service '%s': %s\n",

858

name, avahi_strerror(avahi_server_errno(mc->server)));

859

break;

860

861

case AVAHI_BROWSER_REMOVE:

862

break;

863

864

case AVAHI_BROWSER_ALL_FOR_NOW:

865

case AVAHI_BROWSER_CACHE_EXHAUSTED:

866

if(debug){

867

fprintf(stderr, "No Mandos server found, still searching...\n");

868

}

869

break;

870

}

871

}

872

873

int main(int argc, char *argv[]){

874

AvahiSServiceBrowser *sb = NULL;

875

int error;

876

int ret;

877

intmax_t tmpmax;

878

int numchars;

879

int exitcode = EXIT_SUCCESS;

880

const char *interface = "eth0";

881

struct ifreq network;

882

int sd;

883

uid_t uid;

884

gid_t gid;

885

char *connect_to = NULL;

886

char tempdir[] = "/tmp/mandosXXXXXX";

887

bool tempdir_created = false;

888

AvahiIfIndex if_index = AVAHI_IF_UNSPEC;

889

const char *seckey = PATHDIR "/" SECKEY;

890

const char *pubkey = PATHDIR "/" PUBKEY;

891

892

mandos_context mc = { .simple_poll = NULL, .server = NULL,

893

.dh_bits = 1024, .priority = "SECURE256"

894

":!CTYPE-X.509:+CTYPE-OPENPGP" };

895

bool gnutls_initialized = false;

896

bool gpgme_initialized = false;

897

double delay = 2.5;

898

899

{

900

struct argp_option options[] = {

901

{ .name = "debug", .key = 128,

902

.doc = "Debug mode", .group = 3 },

903

{ .name = "connect", .key = 'c',

904

.arg = "ADDRESS:PORT",

905

.doc = "Connect directly to a specific Mandos server",

906

.group = 1 },

907

{ .name = "interface", .key = 'i',

908

.arg = "NAME",

909

.doc = "Network interface that will be used to search for"

910

" Mandos servers",

911

.group = 1 },

912

{ .name = "seckey", .key = 's',

913

.arg = "FILE",

914

.doc = "OpenPGP secret key file base name",

915

.group = 1 },

916

{ .name = "pubkey", .key = 'p',

917

.arg = "FILE",

918

.doc = "OpenPGP public key file base name",

919

.group = 2 },

920

{ .name = "dh-bits", .key = 129,

921

.arg = "BITS",

922

.doc = "Bit length of the prime number used in the"

923

" Diffie-Hellman key exchange",

924

.group = 2 },

925

{ .name = "priority", .key = 130,

926

.arg = "STRING",

927

.doc = "GnuTLS priority string for the TLS handshake",

928

.group = 1 },

929

{ .name = "delay", .key = 131,

930

.arg = "SECONDS",

931

.doc = "Maximum delay to wait for interface startup",

932

.group = 2 },

933

{ .name = NULL }

934

};

935

936

error_t parse_opt(int key, char *arg,

937

struct argp_state *state){

938

switch(key){

939

case 128: /* --debug */

940

debug = true;

941

break;

942

case 'c': /* --connect */

943

connect_to = arg;

944

break;

945

case 'i': /* --interface */

946

interface = arg;

947

break;

948

case 's': /* --seckey */

949

seckey = arg;

950

break;

951

case 'p': /* --pubkey */

952

pubkey = arg;

953

break;

954

case 129: /* --dh-bits */

955

ret = sscanf(arg, "%" SCNdMAX "%n", &tmpmax, &numchars);

956

if(ret < 1 or tmpmax != (typeof(mc.dh_bits))tmpmax

957

or arg[numchars] != '\0'){

958

fprintf(stderr, "Bad number of DH bits\n");

959

exit(EXIT_FAILURE);

960

}

961

mc.dh_bits = (typeof(mc.dh_bits))tmpmax;

962

break;

963

case 130: /* --priority */

964

mc.priority = arg;

965

break;

966

case 131: /* --delay */

967

ret = sscanf(arg, "%lf%n", &delay, &numchars);

968

if(ret < 1 or arg[numchars] != '\0'){

969

fprintf(stderr, "Bad delay\n");

970

exit(EXIT_FAILURE);

971

}

972

break;

973

case ARGP_KEY_ARG:

974

argp_usage(state);

975

case ARGP_KEY_END:

976

break;

977

default:

978

return ARGP_ERR_UNKNOWN;

979

}

980

return 0;

981

}

982

983

struct argp argp = { .options = options, .parser = parse_opt,

984

.args_doc = "",

985

.doc = "Mandos client -- Get and decrypt"

986

" passwords from a Mandos server" };

987

ret = argp_parse(&argp, argc, argv, 0, 0, NULL);

988

if(ret == ARGP_ERR_UNKNOWN){

989

fprintf(stderr, "Unknown error while parsing arguments\n");

990

exitcode = EXIT_FAILURE;

991

goto end;

992

}

993

}

994

995

/* If the interface is down, bring it up */

996

if(interface[0] != '\0'){

997

#ifdef __linux__

998

/* Lower kernel loglevel to KERN_NOTICE to avoid KERN_INFO

999

messages to mess up the prompt */

1000

ret = klogctl(8, NULL, 5);

1001

bool restore_loglevel = true;

1002

if(ret == -1){

1003

restore_loglevel = false;

1004

perror("klogctl");

1005

}

1006

#endif

1007

1008

sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);

1009

if(sd < 0){

1010

perror("socket");

1011

exitcode = EXIT_FAILURE;

1012

#ifdef __linux__

1013

if(restore_loglevel){

1014

ret = klogctl(7, NULL, 0);

1015

if(ret == -1){

1016

perror("klogctl");

1017

}

1018

}

1019

#endif

1020

goto end;

1021

}

1022

strcpy(network.ifr_name, interface);

1023

ret = ioctl(sd, SIOCGIFFLAGS, &network);

1024

if(ret == -1){

1025

perror("ioctl SIOCGIFFLAGS");

1026

#ifdef __linux__

1027

if(restore_loglevel){

1028

ret = klogctl(7, NULL, 0);

1029

if(ret == -1){

1030

perror("klogctl");

1031

}

1032

}

1033

#endif

1034

exitcode = EXIT_FAILURE;

1035

goto end;

1036

}

1037

if((network.ifr_flags & IFF_UP) == 0){

1038

network.ifr_flags |= IFF_UP;

1039

ret = ioctl(sd, SIOCSIFFLAGS, &network);

1040

if(ret == -1){

1041

perror("ioctl SIOCSIFFLAGS");

1042

exitcode = EXIT_FAILURE;

1043

#ifdef __linux__

1044

if(restore_loglevel){

1045

ret = klogctl(7, NULL, 0);

1046

if(ret == -1){

1047

perror("klogctl");

1048

}

1049

}

1050

#endif

1051

goto end;

1052

}

1053

}

1054

/* sleep checking until interface is running */

1055

for(int i=0; i < delay * 4; i++){

1056

ret = ioctl(sd, SIOCGIFFLAGS, &network);

1057

if(ret == -1){

1058

perror("ioctl SIOCGIFFLAGS");

1059

} else if(network.ifr_flags & IFF_RUNNING){

1060

break;

1061

}

1062

struct timespec sleeptime = { .tv_nsec = 250000000 };

1063

ret = nanosleep(&sleeptime, NULL);

1064

if(ret == -1 and errno != EINTR){

1065

perror("nanosleep");

1066

}

1067

}

1068

ret = (int)TEMP_FAILURE_RETRY(close(sd));

1069

if(ret == -1){

1070

perror("close");

1071

}

1072

#ifdef __linux__

1073

if(restore_loglevel){

1074

/* Restores kernel loglevel to default */

1075

ret = klogctl(7, NULL, 0);

1076

if(ret == -1){

1077

perror("klogctl");

1078

}

1079

}

1080

#endif

1081

}

1082

1083

uid = getuid();

1084

gid = getgid();

1085

1086

errno = 0;

1087

setgid(gid);

1088

if(ret == -1){

1089

perror("setgid");

1090

}

1091

1092

ret = setuid(uid);

1093

if(ret == -1){

1094

perror("setuid");

1095

}

1096

1097

ret = init_gnutls_global(&mc, pubkey, seckey);

1098

if(ret == -1){

1099

fprintf(stderr, "init_gnutls_global failed\n");

1100

exitcode = EXIT_FAILURE;

1101

goto end;

1102

} else {

1103

gnutls_initialized = true;

1104

}

1105

1106

if(mkdtemp(tempdir) == NULL){

1107

perror("mkdtemp");

1108

goto end;

1109

}

1110

tempdir_created = true;

1111

1112

if(not init_gpgme(&mc, pubkey, seckey, tempdir)){

1113

fprintf(stderr, "init_gpgme failed\n");

1114

exitcode = EXIT_FAILURE;

1115

goto end;

1116

} else {

1117

gpgme_initialized = true;

1118

}

1119

1120

if(interface[0] != '\0'){

1121

if_index = (AvahiIfIndex) if_nametoindex(interface);

1122

if(if_index == 0){

1123

fprintf(stderr, "No such interface: \"%s\"\n", interface);

1124

exitcode = EXIT_FAILURE;

1125

goto end;

1126

}

1127

}

1128

1129

if(connect_to != NULL){

1130

/* Connect directly, do not use Zeroconf */

1131

/* (Mainly meant for debugging) */

1132

char *address = strrchr(connect_to, ':');

1133

if(address == NULL){

1134

fprintf(stderr, "No colon in address\n");

1135

exitcode = EXIT_FAILURE;

1136

goto end;

1137

}

1138

uint16_t port;

1139

ret = sscanf(address+1, "%" SCNdMAX "%n", &tmpmax, &numchars);

1140

if(ret < 1 or tmpmax != (uint16_t)tmpmax

1141

or address[numchars+1] != '\0'){

1142

fprintf(stderr, "Bad port number\n");

1143

exitcode = EXIT_FAILURE;

1144

goto end;

1145

}

1146

port = (uint16_t)tmpmax;

1147

*address = '\0';

1148

address = connect_to;

1149

/* Colon in address indicates IPv6 */

1150

int af;

1151

if(strchr(address, ':') != NULL){

1152

af = AF_INET6;

1153

} else {

1154

af = AF_INET;

1155

}

1156

ret = start_mandos_communication(address, port, if_index, &mc,

1157

af);

1158

if(ret < 0){

1159

exitcode = EXIT_FAILURE;

1160

} else {

1161

exitcode = EXIT_SUCCESS;

1162

}

1163

goto end;

1164

}

1165

1166

if(not debug){

1167

avahi_set_log_function(empty_log);

1168

}

1169

1170

/* Initialize the pseudo-RNG for Avahi */

1171

srand((unsigned int) time(NULL));

1172

1173

/* Allocate main Avahi loop object */

1174

mc.simple_poll = avahi_simple_poll_new();

1175

if(mc.simple_poll == NULL){

1176

fprintf(stderr, "Avahi: Failed to create simple poll object.\n");

1177

exitcode = EXIT_FAILURE;

1178

goto end;

1179

}

1180

1181

{

1182

AvahiServerConfig config;

1183

/* Do not publish any local Zeroconf records */

1184

avahi_server_config_init(&config);

1185

config.publish_hinfo = 0;

1186

config.publish_addresses = 0;

1187

config.publish_workstation = 0;

1188

config.publish_domain = 0;

1189

1190

/* Allocate a new server */

1191

mc.server = avahi_server_new(avahi_simple_poll_get

1192

(mc.simple_poll), &config, NULL,

1193

NULL, &error);

1194

1195

/* Free the Avahi configuration data */

1196

avahi_server_config_free(&config);

1197

}

1198

1199

/* Check if creating the Avahi server object succeeded */

1200

if(mc.server == NULL){

1201

fprintf(stderr, "Failed to create Avahi server: %s\n",

1202

avahi_strerror(error));

1203

exitcode = EXIT_FAILURE;

1204

goto end;

1205

}

1206

1207

/* Create the Avahi service browser */

1208

sb = avahi_s_service_browser_new(mc.server, if_index,

1209

AVAHI_PROTO_INET6, "_mandos._tcp",

1210

NULL, 0, browse_callback, &mc);

1211

if(sb == NULL){

1212

fprintf(stderr, "Failed to create service browser: %s\n",

1213

avahi_strerror(avahi_server_errno(mc.server)));

1214

exitcode = EXIT_FAILURE;

1215

goto end;

1216

}

1217

1218

/* Run the main loop */

1219

1220

if(debug){

1221

fprintf(stderr, "Starting Avahi loop search\n");

1222

}

1223

1224

avahi_simple_poll_loop(mc.simple_poll);

1225

1226

end:

1227

1228

if(debug){

1229

fprintf(stderr, "%s exiting\n", argv[0]);

1230

}

1231

1232

/* Cleanup things */

1233

if(sb != NULL)

1234

avahi_s_service_browser_free(sb);

1235

1236

if(mc.server != NULL)

1237

avahi_server_free(mc.server);

1238

1239

if(mc.simple_poll != NULL)

1240

avahi_simple_poll_free(mc.simple_poll);

1241

1242

if(gnutls_initialized){

1243

gnutls_certificate_free_credentials(mc.cred);

1244

gnutls_global_deinit();

1245

gnutls_dh_params_deinit(mc.dh_params);

1246

}

1247

1248

if(gpgme_initialized){

1249

gpgme_release(mc.ctx);

1250

}

1251

1252

/* Removes the temp directory used by GPGME */

1253

if(tempdir_created){

1254

DIR *d;

1255

struct dirent *direntry;

1256

d = opendir(tempdir);

1257

if(d == NULL){

1258

if(errno != ENOENT){

1259

perror("opendir");

1260

}

1261

} else {

1262

while(true){

1263

direntry = readdir(d);

1264

if(direntry == NULL){

1265

break;

1266

}

1267

/* Skip "." and ".." */

1268

if(direntry->d_name[0] == '.'

1269

and (direntry->d_name[1] == '\0'

1270

or (direntry->d_name[1] == '.'

1271

and direntry->d_name[2] == '\0'))){

1272

continue;

1273

}

1274

char *fullname = NULL;

1275

ret = asprintf(&fullname, "%s/%s", tempdir,

1276

direntry->d_name);

1277

if(ret < 0){

1278

perror("asprintf");

1279

continue;

1280

}

1281

ret = remove(fullname);

1282

if(ret == -1){

1283

fprintf(stderr, "remove(\"%s\"): %s\n", fullname,

1284

strerror(errno));

1285

}

1286

free(fullname);

1287

}

1288

closedir(d);

1289

}

1290

ret = rmdir(tempdir);

1291

if(ret == -1 and errno != ENOENT){

1292

perror("rmdir");

1293

}

1294

}

1295

1296

return exitcode;

1297

}

Older »